package com.zhanghe.springsecurity.provider;

import com.zhanghe.springsecurity.Service.UserService;
import com.zhanghe.springsecurity.model.User;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.authentication.AuthenticationProvider;
import org.springframework.security.authentication.BadCredentialsException;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.SimpleGrantedAuthority;

import java.util.ArrayList;

/**
 * CustomAuthenticationProvider
 *
 * @author Clevo
 * @date 2018/3/25
 */
public class CustomAuthenticationProvider implements AuthenticationProvider {

    private  static  final Logger logger = LoggerFactory.getLogger(CustomAuthenticationProvider.class);
    @Autowired
    private UserService userService;

    public CustomAuthenticationProvider() {
        super();
    }
    @Override
    public Authentication authenticate(Authentication authentication) throws AuthenticationException {
        logger.debug("进入登录验证器");
        // 获取认证的用户名 & 密码authenticationManager
        String name = authentication.getName();
        Object password = authentication.getCredentials();
        User user = userService.loadUserByUsername(name);
        // 认证逻辑
        if (password!=null&&user!=null && name.equals(user.getUserName()) && password.toString().equals(user.getPassword())) {
            logger.debug("用户:"+name+" 账号密码验证成功");
            // 这里设置权限和角色
            ArrayList<GrantedAuthority> authorities = new ArrayList<>();
            for(String role:new ArrayList<String>(){{add("ROLE_ADMIN");add("ROLE_SELLER");}}){
                authorities.add( new SimpleGrantedAuthority(role));
            }
            // 生成令牌
            Authentication auth = new UsernamePasswordAuthenticationToken(name, password, authorities);
            return auth;
        }else {
            logger.debug("用户:"+name+" 账号密码验证错误");
            throw new BadCredentialsException("密码错误~");
        }
    }

    // 是否可以提供输入类型的认证服务
    @Override
    public boolean supports(Class<?> authentication) {
        return authentication.equals(UsernamePasswordAuthenticationToken.class);
    }
}
